1 |
On Friday 15 Apr 2016 09:48:47 Neil Bothwick wrote: |
2 |
|
3 |
> I have these entries in /etc/rkhunter.conf.local: |
4 |
> |
5 |
> ALLOWDEVFILE="/dev/shm/org.chromium.Chromium.shmem.*" |
6 |
> ALLOWDEVFILE="/dev/shm/pulse-shm-*" |
7 |
> ALLOWHIDDENFILE="/usr/share/man/man5/.k5identity.5.bz2" |
8 |
> ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5.bz2" |
9 |
> ALLOWHIDDENFILE="/usr/share/man/man5/.k5identity.5" |
10 |
> ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5" |
11 |
|
12 |
Thank you all for your advice. I have a couple of entries in my |
13 |
rkhunter.conf.local too, but not a wild card like "/dev/shm/pulse-shm-*". I |
14 |
was thinking that if I were a script kiddie, this could be easy picking if I |
15 |
wanted to place a malicious payload on a PC. |
16 |
|
17 |
-- |
18 |
Regards, |
19 |
Mick |